Security Vulnerability: CVE-2017-5753, CVE-2017-5715 (Spectre), and CVE-2017-5754 (Meltdown)

This article was last updated as of Apr-10-18 at 12:46PM. 

What’s the vulnerability?

Spectre and Meltdown represent a class of vulnerabilities affecting modern computer processors utilizing Intel’s CPU architecture. The vulnerabilities affect the majority of modern microprocessors, and allow an attacker with the ability to execute code on an affected system to randomly read memory locations for other running applications. Such data may include passwords, private keys, message contents, and more.

  

What can our customers do?

Shared SaaS: The VMware AirWatch SaaS Service team continues to give high priority to the issues identified by CVE-2017-5753, CVE-2017-5715 (Spectre), and CVE-2017-5754 (Meltdown). We have made significant progress applying Hypervisor-Specific Mitigation mitigations described here as well as Operating System-Specific Mitigations. In addition, Hypervisor-Assisted Guest Mitigations were recently made available for the platform and testing has begun to ensure stability and performance.

Dedicated SaaS: In the event VMware AirWatch must perform maintenance that will affect our service availability to our SaaS dedicated customer environments, AirWatch will work with you to determine suitable scheduling of these activities. 

On-Premise: On-Premise environments managed by customers should be remediated in accordance with the guidance document provided by your operating system vendor(s). VMware AirWatch is in the process of evaluating our shipped products to determine whether patching is necessary. At this time, VMware AirWatch has not identified any AirWatch products requiring software patches. 

Mobile Applications: VMware AirWatch is aware of reports that these vulnerabilities have been shown to affect common browser frameworks such as Chromium and WebKit. VMware AirWatch mobile applications such as VMware Browser do not ship copies of these libraries, but instead rely on the versions of these libraries provided by the underlying operating system (ex: Android and iOS). Therefore, VMware AirWatch mobile applications take advantage of the mitigations already shipped by OEM vendors. At this time, VMware AirWatch has not identified any necessary application changes or mitigations beyond those provided by the OEM vendor. Customers should continue to monitor vendors for updates to device platforms and libraries.

Make sure to subscribe to this knowledge base article for the latest information as it becomes available. In addition, sign up for the VMware Security Announcements mailing list to receive new and updated VMware Security Advisories relating to VMware products.

 

Additional Resources

Support Contact Information

To open a Support Request, please call your local AirWatch support line or submit a Support Request via myAirWatch.

 

Best Regards,

The AirWatch Team

Other Languages: 日本語

Have more questions? Submit a request

1 Comments

  • 0
    Avatar
    Jordan Cardinal

    VMware AirWatch is currently in the process of assessing the impact of patches on our environments and will provide updates in the existing KB and VMSA articles as more information is available. Please continue to monitor these resources for updates.

Article is closed for comments.